Highlighted
New Member
Posts: 11
Registered: ‎05-18-2014
Kudos: 1
Accepted Solution

EdgeRouter PPPoE Encryption

G'day,

 

I set up a new EdgeRouter for testing today, and had the pppoe auth working fine, but whenever I select encryption for pppoe on the radio(nanostation) connecting to the router, it refuses to connect.

 

Is there anything I've done wrong, or does the encrytion not work with the EdgeRouter PoE?


Accepted Solutions
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5471
Solutions: 1656
Contributions: 2

Re: EdgeRouter PPPoE Encryption


@Twoopi86 wrote:

I set up a new EdgeRouter for testing today, and had the pppoe auth working fine, but whenever I select encryption for pppoe on the radio(nanostation) connecting to the router, it refuses to connect.


You can try modifying the "/opt/vyatta/share/perl5/Vyatta/PPPoEServerConfig.pm" file, look for the following line:

$str .= "require-mschap-v2\n";

and add another line below it:

$str .= "require-mppe\n";

Then reconfigure PPPoE server so that it will regenerate the PPP config. If this works, we can look into making this a configurable option.

View solution in original post


All Replies
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3137
Solutions: 945
Contributions: 16

Re: EdgeRouter PPPoE Encryption

Post your config file.

EdgeMAX Router Software Development
New Member
Posts: 11
Registered: ‎05-18-2014
Kudos: 1

Re: EdgeRouter PPPoE Encryption

[ Edited ]
interfaces {
    ethernet eth0 {
        address dhcp
        duplex auto
        ip {
            ospf {
                dead-interval 40
                hello-interval 10
                priority 1
                retransmit-interval 5
                transmit-delay 1
            }
        }
        poe {
            output off
        }
        speed auto
    }
    ethernet eth1 {
        address 172.203.1.1/24
        duplex auto
        ip {
            ospf {
                dead-interval 40
                hello-interval 10
                priority 1
                retransmit-interval 5
                transmit-delay 1
            }
        }
        poe {
            output 24v
        }
        speed auto
    }
    ethernet eth2 {
        duplex auto
        poe {
            output 48v
        }
        speed auto
    }
    ethernet eth3 {
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    ethernet eth4 {
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    loopback lo {
    }
    switch switch0 {
        mtu 1500
    }
}
port-forward {
    auto-firewall enable
    hairpin-nat enable
    lan-interface eth1
    wan-interface eth0
}
protocols {
    ospf {
        area 0.0.0.0 {
            area-type {
                normal
            }
            network 172.203.1.0/24
            network 192.168.*.0/24
        }
        parameters {
            abr-type cisco
            router-id 192.168.*.199
        }
        redistribute {
            connected {
                metric-type 2
            }
        }
    }
}
service {
    gui {
        https-port 443
    }
    pppoe-server {
        authentication {
            mode radius
            radius-server 192.168.*.* {
                key ************
            }
        }
        client-ip-pool {
            start 172.203.1.101
            stop 172.203.1.180
        }
        dns-servers {
            server-1 *.*.*.*
        }
        interface eth1
    }
    ssh {
        port 22
        protocol-version v2
    }
    webproxy {
        cache-size 0
        default-port 3128
        listen-address 192.168.*.* {
        }
        mem-cache-size 5
    }
}
system {
    host-name ubnt
    login {
        user admin {
            authentication {

            }
            level admin
        }
    }
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    offload {
        ipsec enable
        ipv4 {
            forwarding enable
        }
        ipv6 {
            forwarding disable
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Australia/Melbourne
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@4:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.6.0.4716006.141031.1731 */

 Hope that's all you need

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5471
Solutions: 1656
Contributions: 2

Re: EdgeRouter PPPoE Encryption


@Twoopi86 wrote:

I set up a new EdgeRouter for testing today, and had the pppoe auth working fine, but whenever I select encryption for pppoe on the radio(nanostation) connecting to the router, it refuses to connect.


You can try modifying the "/opt/vyatta/share/perl5/Vyatta/PPPoEServerConfig.pm" file, look for the following line:

$str .= "require-mschap-v2\n";

and add another line below it:

$str .= "require-mppe\n";

Then reconfigure PPPoE server so that it will regenerate the PPP config. If this works, we can look into making this a configurable option.

New Member
Posts: 11
Registered: ‎05-18-2014
Kudos: 1

Re: EdgeRouter PPPoE Encryption

Thanks for the response, will try when I'm in the office next, and reply if it works. Man Happy

New Member
Posts: 11
Registered: ‎05-18-2014
Kudos: 1

Re: EdgeRouter PPPoE Encryption

That worked perfectly. Thanks for the response.

 

It's a bit of a pain to do it that way, it would be great if there was an option for it.

 

Cheers,

Phil

Established Member
Posts: 1,868
Registered: ‎05-01-2013
Kudos: 388
Solutions: 50

Re: EdgeRouter PPPoE Encryption

@UBNT-ancheng

If I am drunk, ill be calm.
If I'm calm, I'll be nice and if I'm nice...
I wont go to hell!
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5471
Solutions: 1656
Contributions: 2

Re: EdgeRouter PPPoE Encryption

Yeah this was added in 1.7.0alpha3 (currently available in the beta forum) as a configurable setting.

New Member
Posts: 13
Registered: ‎05-18-2018
Solutions: 1

Re: EdgeRouter PPPoE Encryption

There is encryption in server mode.
But in the client mode there is no.

The connection can not be established.
Can I run an encription in the client mode because I can not find this option?

(require-mppe) MPPE128